Noted with thanks On Thu, Nov 15, 2018 at 3:06 PM Lars Helge Øverland <[email protected]> wrote:
> Hi all, > > a potential serious security issue has been discovered with one of the > libraries used by DHIS 2. The issue can potentially allow attackers to > write or copy files to disk in arbitrary locations. The attacker needs to > be logged in to DHIS 2 (authenticated) to do this. > > The affected versions are *DHIS 2.28 and older*. > > We have patched the following versions: 2.25, 2.26, 2.27, 2.28. > > We recommend that you upgrade to the latest build of the mentioned > releases if you are affected. We won't disclose more info about this issue > on the public mailing list. > > > best, > > Lars > > > -- > > Lars Helge Øverland > Technical lead, DHIS 2 > University of Oslo > [email protected] > https://www.dhis2.org > > _______________________________________________ > Mailing list: https://launchpad.net/~dhis2-users > Post to : [email protected] > Unsubscribe : https://launchpad.net/~dhis2-users > More help : https://help.launchpad.net/ListHelp >
_______________________________________________ Mailing list: https://launchpad.net/~dhis2-users Post to : [email protected] Unsubscribe : https://launchpad.net/~dhis2-users More help : https://help.launchpad.net/ListHelp
